search

IndySockets / Indy

Indy - Internet Direct
https://www.indyproject.org
448 stars 153 forks source link

IdHTTPProxyServer & AJAX Requests #102

Open rlebeau opened 7 years ago

rlebeau commented 7 years ago
  1. Create a IdHTTPProxyServer
  2. Set port to 8080
  3. Active := True
  4. Set IE Proxy to 127.0.0.1:8080

When typing in to google search the requests aren't going through IdHTTPProxyServer. Why is that?

Also why is it not possible to monitor https urls? I can only see normal http? 

procedure TManager.OnHTTPBeforeCommand(AContext: TIdHTTPProxyServerContext);
var
  URL : String;
begin
  URL := AContext.Target; // << will only be http:// 
end;
rlebeau commented 7 years ago

I do not know enough about AJAX to know why it does not pass through TIdHTTPProxyServer. Maybe the browser is simply not using its proxy settings for the AJAX connection.

I do know why TIdHTTPProxyServer is not capturing HTTPS urls, and have explained why in detail on a recent StackOverflow discussion:

http://stackoverflow.com/questions/19338730/

Long story short - HTTPS (and other SSL-based) urls are not sent to TIdHTTPProxyServer itself (or any other type of proxy). A client uses an HTTP CONNECT request (or equivilent for non-HTTP proxies) to establish a base connection to a target host:port, then the client establishes an SSL session with the target directly, then protocol data (like an HTTPS url) is sent encrypted to the target. Only the target can decrypt it. TIdHTTPProxyServer is a transparent passthrough by default, it does not know or care what kind of data it is proxying. The only way it can decrypt data is if it is managing its own SSL sessions between client and target.

Non-SSL HTTP requests, on the other hand, do not use CONNECT, they use standard HTTP requests (GET, POST, etc) that are sent directly to TIdHTTPProxyServer with a target url.

That it why TIdHTTPProxyServer is able to capture full non-SSL urls but not HTTPS urls.